THIS UNWANTED GARBAGE ORIGINATED FROM AND BROUGHT TO YOU COURTESY OF:

PATRICK PARIS -- STINKING PIECE OF FRENCH PIG SHIT
PATRICK PARIS -- SHITBAG FLOODER
PATRICK PARIS -- SCUMBAG
PATRICK PARIS -- MORALLY BANKRUPT




In article <OCI0NH5J38641.0623726852@anonymous.sender>
Anonymous-Remailer@See.Comment.Header (Twisty_admin) wrote:

I have been consistantly pinged by  BLACKHOLE-1.IANA.ORG from ANONYMOUS and
mail.brianbinder.com. A tad annoying when mine is a static commercial
account.

Odd  that they could ping me from 10.1.10.1 which is the same address as my
new modem/router. They also tried to connect to port 137.

I had to use the internal firewall to block all the connections they use.
Now I can't access my modem/router from this PC. A never ending battle.  :)

I thought you had a static IP now, not some 10.x.x.x crap? Or is
the static IP on the WAN side of the router? If so, no 10.x.x.x
traffic should be coming in to your network (the router should
be able to stop it and the ISP shouldn't be routing it to you in
the first place).

Anyway, block ports 135-139 and 445 at the router. All virus
stuff.

I have everything blocked except port 25 which is forwarded.

I have a static IP. The new modem is a combination modem/router. You are
correct, the static IP is on the WAN side. I have 4 other computers
connected to it. 1 laptop by wireless so I have a wireless router plugged
in to one of the ports. The 3 others are direct connected to the router.
The re-mailer has a fixed IP while I let the other 2 receive their addesses
by DHCP. The wireless laptop receives a 192.168.0.2 address from the
wireless router. The others all have 10.1.10.xxx IPs.

To access the router, I have to type in 10.1.10.1 which brings up the login
page for the router. The re-mailer PC is at a fixed IP of 10.1.10.xxx.  (in
case they read this, they'll have to guess what xxx is) The router itself
has a built in firewall which I enabled. Then each computer has a McAffee
virus/securitycenter/firewall combination on it.

The only one that gets pinged is this one, the re-mailer. Things slowed
down since I blocked everything including the router. I am surprised it
still works at all.

I just don't know how I can get pinged or whatever from the same address as
my router. I thought a real Domain IP should show up. Again, I am far from
the expert so would really like to know how this can be done. Seems pretty
tricky. I just don't like the name Blackhole. Gives me the shudders. I sure
know what a "blacklist" is and blackhole and blacklist are somewhat
synonymous.

I picked out 3 out of about 12.
Here they are.

2005/10/15 10:06:26 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 10:12:35 10.1.10.1:0 (mail.brianbinder.com) 10.1.10.200:0 ICMP
Ping
2005/10/15 16:26:11 10.1.10.95:68 (ANONYMOUS) 255.255.255.255:67 Bootstrap
Protocol Server

ICMP type 0 is ping reply (pong) isn't it? Sure you're not
pinging or tracerouting mail.brainbinder.com at the time?

All traceroutes come back to this:
Maybe this is all OK and they just happened to pick bad names for their
servers. Blackhole? Yuuch!!!

Sender ANONYMOUS? Why not a real name?

Because 10.1.10.95 doesn't have a valid reverse DNS record.
Which it won't, because it's not on the internet. Unless you set
one up locally.

Reminds me of Carnivore.  Some stealth project :) A bad pick for a name at
any case.

OrgName:    Internet Assigned Numbers Authority
OrgID:      IANA
Address:    4676 Admiralty Way, Suite 330
City:       Marina del Rey
StateProv:  CA
PostalCode: 90292-6695
Country:    US

NetRange:   10.0.0.0 - 10.255.255.255
CIDR:       10.0.0.0/8
NetName:    RESERVED-10
NetHandle:  NET-10-0-0-0-1
Parent:
NetType:    IANA Special Use
NameServer: BLACKHOLE-1.IANA.ORG
NameServer: BLACKHOLE-2.IANA.ORG
Comment:    This block is reserved for special purposes.
Comment:    Please see RFC 1918 for additional information.
Comment:
RegDate:
Updated:    2002-09-12

OrgAbuseHandle: IANA-IP-ARIN
OrgAbuseName:   Internet Corporation for Assigned Names and Number
OrgAbusePhone:  +1-310-301-5820
OrgAbuseEmail:  abuse@iana.org

OrgTechHandle: IANA-IP-ARIN
OrgTechName:   Internet Corporation for Assigned Names and Number
OrgTechPhone:  +1-310-301-5820
OrgTechEmail:  abuse@iana.org


The part that disturbs me is from their own website. It says:

Special-Use Addresses

Several address ranges are reserved for "Special Use". These addresses all
have restrictions of some sort placed on their use, and in general should
not appear in normal use on the public Internet. The following briefly
documents these addresses – in general they are used in specialized
technical contexts. They are described in more detail in RFC 3330.
"Private Use" IP addresses:
        10.0.0.0 - 10.255.255.255
        172.16.0.0 - 172.31.255.255
        192.168.0.0 - 192.168.255.255

The above address blocks are reserved for use on private networks, and
should never appear in the public Internet. There are hundreds of thousands

That's right.

You're not being pinged or attacked from outside your network.

Don't worry about the name blackhole - that's been assigned by
IANA!

So, in the end, am I getting spoofed by a hacker, or by my own
cablemodem/router?

If it's a spoof (and I very much doubt it), the reply isn't
going anywhere. Besides which, your router shouldn't be routing
those addresses inbound so it's almost certainly coming from
within your network.

<<==========>>

Subject: Re: What Did He Do?


Anonymous wrote:

In article <4358c341$0$11080$e4fe514c@news.xs4all.nl>
"Thomas J. Boschloo" <nospam@hccnet.nl> wrote:

Sorry if I sound a bit psychotic. It is a thin line. I know.

Some of your posts have been a bit strange lately. Is everything okay
with you?

lol, haven't they always been?!
Thomas
- --
Gothika: "How can you trust someone who thinks you are crazy"

<<==========>>

Subject: VANDALS and PUNKS

company that makes
privacyrelated software
We are trying to help curb
abusesIf I see too many
instances of nastiness
showing up on the net I
may feelthe need to jump
back in and start
monitoring again blocking
follows fromthat
censorship to the
Shyster and after that
making known the id ofthe

His Marks He Even
VANDALS and PUNKS
No I think the REAL stal
ker is the cone who FOLL
OWS somebody into 
newsgroup after newsgroup
and attacks that person
or several people he calls
his MARKS He even
uses the AOL IM ID
MARKGETTER  and he e
ven goes  so far to STALK
he puts up a 50+ page
websitemonitoring and
censorship to destroy the
little bastardsSavoni
says the new law violates
his privacy comparing it to
HIM POOR BABY Anyone
given thought to the
CubansEven if you are one
of the lice remailers that
follow such anThe
employment database is
required to include all
such data maintained by
the Department of
Homeland Security
combined with what the
ven goes  so far to STALK
Social Security
Administration has on file
I may post that as a
separate question but Im
using it here as an
example of things you
normally do in everyday
life but that you will take
the time to reply to this
note with your thoughts on
how such measures
disclaimer and forced From
header would affect your
posting here or to any
newsgroup Would you post
here despite the
disclaimer or would you
continue to post here
despite the disclaimer or
would you choose another
remailer Get back to me
when you want to do when
in secretspy mode
Moore do you think from